
Pang Game profile

Administrator
Game Development
5735

Oct 30th 2013, 0:16:22

Hi everyone,

So as we discussed in our Announcements post, there was a data breach that resulted in hashed passwords, usernames and other data from Boxcar being compromised. After a couple of weeks of investigating, here are the findings that we’re going to release publicly:

- From early August to late September, there was a variety of malicious requests made to Boxcar with the goal of uncovering exactly how to exploit vulnerabilities (SQL injection)
- On October 15th, SQL Injection was used to extract a significant amount of data directly from Boxcar’s database; this information allowed encrypted password hashes to be broken and many accounts logged into, including my own
- At least three users were involved in this hacking episode, one of whom was Mr Copper
- Additionally an IP address that was used to make malicious accesses aligned with an IP used by chump aka Mr Silver
- Several alliances pointed to odd things related to their data being compromised or weird access (including chump aka Mr Silver temporarily showing up as an active member of LaF with no access log)
- After the Hanlong/Turtle Crawler scandal broke, Turtle Crawler provided the Boxcar source code in full to at least one RD member
- The injection attempts were directed very precisely, rather than brute force through every possible option, as could only be done with access to source code to identify injection points ahead of time
- Additionally, injection attempts were made against EE; fortunately, since EE was actually designed with SQL injection attempts in mind, these attempts merely add more clutter to our logs….

For those alliances that wish to check for this unauthorised activity, the IP list involved is:


The admins reserve the right to treat any instance of data abuse or extreme cheating as we see fit, so we took a couple of items into consideration when deciding how to deal with this:
- The incredibly high level of severity of what was done by the perpetrators, with obvious intention
- The number of other alliances/players impacted by this breach (100% of Boxcar users must change their passwords now)
- The history, make up and culture of RD’s membership and leadership in EE and E2025
- The lack of deterrent from the punishment dealt out during previous cheating scandals, and ban evasion and internal approval that resulted
- Chump AKA Mr. Silver’s direct (while unsolicited) promise that RD would not do anything illegal and if they did, we would be within our rights to throw the book at them (back when RD was returning to the game)
- That there were at least 3 users involved, and one could be identified positively as Mr Copper, one quite likely Mr Silver and one outstanding suggests significant RD leadership involvement
- Absolute proof:

Snippet of Boxcar logins that absolutely identifies MrCopper as doing this.

User - Time - IP - Clan

mrcopper - 2013-10-16 01:03:35 - 24.74.144.201 -xRDx
++ hundreds of logins on this IP as Mr Copper before this

<lcn_user1> - 2013-10-16 01:11:29 - 24.74.144.201 - LCNostra
<lcn_user2> -2013-10-16 01:10:12 - 24.74.144.201 - LCNostra

CRAP I'M NOT ON THE OTHER IP!!!!

<lcn_user1> -2013-10-16 01:13:36 - 93.115.82.54 - LCNostra

The IPs in that 93.115 range also did the injection attacks.


So with this in mind, we’re treating this as a “take your friends down with you” level offence and have deleted the whole of the Reservoir Dogs tag. Given the severity of the issue, we reserve the right to make further, future deletions or take other action on RD as may be warranted.

They all will be allowed to restart, and allowed to keep their Boxcar site, as we understand it was a subset of the players involved.

Please refer to the posts on Boxcar and EE Announcement forums for further information and next steps for password recovery.

Cheers,
pang, qz, martian and the EE staff

Edited By: Pang on Oct 30th 2013, 5:16:06
-=Pang=-
Earth Empires Staff
pangaea [at] earthempires [dot] com

Boxcar - Earth Empires Clan & Alliance Hosting
http://www.boxcarhosting.com
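
The correlation described in the post above (one source address used by accounts from different clans within minutes, then a hop into an address range already tied to the injection attempts) can be checked against any login log kept in the same "User - Time - IP - Clan" layout. This is an added example, not part of the original post and not Boxcar's code; the function names, the 30-minute window and the sample log are assumptions, and the sample uses constructed users with documentation-range addresses.

```python
import ipaddress
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in the post's "User - Time - IP - Clan" layout, including
# its uneven spacing around the separators. Addresses are documentation ranges.
SAMPLE_LOG = """\
alice - 2013-10-16 01:03:35 - 192.0.2.10 -ClanA
bob -2013-10-16 01:10:12 - 192.0.2.10 - ClanB
carol - 2013-10-16 01:11:29 - 192.0.2.10 - ClanB
carol -2013-10-16 01:13:36 - 198.51.100.54 - ClanB
dave - 2013-10-16 09:00:00 - 203.0.113.7 - ClanC
"""

LINE_RE = re.compile(
    r"^(?P<user>\S+)\s*-\s*(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})"
    r"\s*-\s*(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s*-\s*(?P<clan>\S+)$"
)

def parse_logins(text):
    """Return (user, datetime, ip, clan) tuples; skip lines that do not parse."""
    rows = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        try:
            ip = ipaddress.ip_address(m["ip"])  # rejects e.g. 999.1.1.1
        except ValueError:
            continue
        ts = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S")
        rows.append((m["user"], ts, ip, m["clan"]))
    return rows

def shared_ips(rows, window=timedelta(minutes=30)):
    """Map each IP used by accounts of more than one clan within `window` to those users."""
    by_ip = defaultdict(list)
    for user, ts, ip, clan in rows:
        by_ip[ip].append((ts, user, clan))
    flagged = {}
    for ip, events in by_ip.items():
        events.sort()
        for i, (t0, _, _) in enumerate(events):
            near = [e for e in events[i:] if e[0] - t0 <= window]
            if len({c for _, _, c in near}) > 1:
                flagged[str(ip)] = sorted({u for _, u, _ in near})
                break
    return flagged

def watchlist_hits(rows, networks):
    """Return (user, ip) for logins whose source falls inside a watched network."""
    nets = [ipaddress.ip_network(n) for n in networks]
    return [(u, str(ip)) for u, _, ip, _ in rows if any(ip in n for n in nets)]

if __name__ == "__main__":
    rows = parse_logins(SAMPLE_LOG)
    print(shared_ips(rows))
    print(watchlist_hits(rows, ["198.51.100.0/24"]))
```

A shared address alone can also mean a shared household, NAT or proxy, so the two checks are most useful together, as in the post: the same account appearing on the shared address and then on a watched range.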

sky3litez Game profile

Member
124

Oct 30th 2013, 0:19:09

Your country was destroyed because it was deleted for rules violations.

Syko_Killa Game profile

Member
5118

Oct 30th 2013, 0:20:10

So you delete the entire clan? Where is the fairness there?
Do as I say, not as I do.

Raging Budda Game profile

Member
2139

Oct 30th 2013, 0:20:14

This is idiotic.
Your base is mine!

Mr. Lime Game profile

Member
539

Oct 30th 2013, 0:21:48

yeah...scan my ip all you want i didn't break any rules ...although i guess you just saved me the trouble of rebuilding the stuff pdm just took out

ICQ: 20654127

Pontius Pirate

Member
EE Patron
1907

Oct 30th 2013, 0:21:50

HAHAHAHHAHAAAAAAAAA beautiful

eat it cheating scum

edit: dont really want to sound happy about this since these fluffheads have caused everyone problems by doing this but the response was just brilliant, though I would have gone a step further and permabanned the people behind it from the game

Edited By: Pontius Pirate on Oct 30th 2013, 0:25:51
Originally posted by Cerberus:

This guy is destroying the U.S. Dollars position as the preferred exchange for international trade. The Chinese Ruan is going to replace it soon, then the U.S. will not have control of the IMF

Pontius Pirate

Member
EE Patron
1907

Oct 30th 2013, 0:22:49

once a pathetic cheater, always a pathetic cheater

Ershow Game profile

Member
178

Oct 30th 2013, 0:24:16

I smell butt hurt.

Ban those involved (if it's not fabricated nonsense), not the whole damn tag.

I've played in RD for 3 resets now and haven't seen ONE SHRED of evidence to suggest there is any cheating going on ingame.

What a fluffing douche.

Syko_Killa Game profile

Member
5118

Oct 30th 2013, 0:24:38

shut it PP, I didn't do anything and my country was deleted so I know this is F'ed up

Fuji Game profile

Member
301

Oct 30th 2013, 0:25:00

Don't play for an alliance who is willing to unlawfully gain access to peoples passwords and personal information like cell phone numbers and emails?

Seems pretty simple to me.

bdragon

Member
34

Oct 30th 2013, 0:25:45

Wow

Raging Budda Game profile

Member
2139

Oct 30th 2013, 0:26:42

BTW, this is how you further kill off the game. Mass deleting accounts like this... I just hope that when reinstated, all of RD's turns will be credited like they would have normally.

sky3litez Game profile

Member
124

Oct 30th 2013, 0:27:24

this is one of the best EVO counterstrike EVER. my 400mil$ cash with 120/120 turns can't stonewall this

Pontius Pirate

Member
EE Patron
1907

Oct 30th 2013, 0:28:41

Originally posted by Raging Budda:
BTW, this is how you further kill off the game. Mass deleting accounts like this... I just hope that when reinstated, all of RD's turns will be credited like they would have normally.
yeah man this really kills the game but trying to illegally hack other peoples' websites just makes it better for everyone

why don't you get rid of your POS leaders?

Ershow Game profile

Member
178

Oct 30th 2013, 0:29:01

Originally posted by Fuji:
Don't play for an alliance who is willing to unlawfully gain access to peoples passwords and personal information like cell phone numbers and emails?

Seems pretty simple to me.


Where's the proof Fuji you fluffwad? Until I see it I'll continue to play in RD, they are a great bunch of people.

Did Laf get mass deleted when Hanlong did his crap? NO. So pull your head out of your arse and reinstate our countries you stupid butt hurt little man.

Taveren Game profile

Member
610

Oct 30th 2013, 0:29:50

RD's members have a right to be angry but their anger is misplaced. The admin's decision is a harsh one but questions as to how and why this occurred should be directed at the responsible parties named in the original post.
¯\_(ツ)_/¯ Skype: som3thingclassy

Ershow Game profile

Member
178

Oct 30th 2013, 0:30:46

OR POST PROOF

Mr Jade

Member
50

Oct 30th 2013, 0:31:29

This is beyond bullfluff...

*waits for EVO/LCN/PDM to claim some form of cheapshot victory.*

Ershow Game profile

Member
178

Oct 30th 2013, 0:31:30

Originally posted by Taveren:
RD's members have a right to be angry but their anger is misplaced. The admin's decision is a harsh one but questions as to how and why this occurred should be directed at the responsible parties named in the original post.


I disagree. I believe it is up to the admins to provide proof. 100% undeniable proof before taking such bold actions.

Edited By: Ershow on Oct 30th 2013, 0:33:41

XiQter MD Game profile

Member
261

Oct 30th 2013, 0:31:42

I thought I heard a sound of a balloon deflating somewhere, bai bai RD

Ershow Game profile

Member
178

Oct 30th 2013, 0:32:15

...

Donny Game profile

Member
6022

Oct 30th 2013, 0:32:43

thats it for me on this game. seeya 1a! =SOF
ICQ-105967052



Dear Asians who say they're not ninjas just because they're Asian,
That's exactly what a ninja would say.

Taveren Game profile

Member
610

Oct 30th 2013, 0:33:32

Originally posted by Ershow:
Originally posted by Taveren:
RD's members have a right to be angry but their anger is misplaced. The admin's decision is a harsh one but questions as to how and why this occurred should be directed at the responsible parties named in the original post.


I disagree. I believe it is up to the admins to provide proof. 100% undeniable proof.


TIL IP addresses aren't proof.

AzNiZe Game profile

Member
358

Oct 30th 2013, 0:33:32

Hey! Reinstate me.. My turns are overflowing

Mr Azure

Member
65

Oct 30th 2013, 0:34:25

Pang youre still a ****. no real proof, but youve been looking for a reason to do something like this.

while were on the subject or hacking, why dont you tell everyone how you used your admin access to read RDs private boards last year.

Edited By: Patience on Nov 5th 2013, 21:14:13. Reason: Potty mouth...

Servant Game profile

Member
EE Patron
1250

Oct 30th 2013, 0:34:37

MR Jade.

There is no victory in this.

This is a loss for the entire community. A loss of trust,

RD brought color back to the game, until it went too far. There's no win in this for anyone.

I am saddened, my friend chump allowed this to happen.
Z is #1

Donny Game profile

Member
6022

Oct 30th 2013, 0:35:40

[20:26:38] <Raging> Pang just delted all of RD in alliance.
[20:29:08] <Donny> are u serious
[20:32:18] <@Akula> yes
[20:32:29] <Donny> Your country was destroyed because it possesses no territory.
[20:32:31] <Donny> done
[20:32:35] <Donny> thats fluffed up
[20:33:53] <Raging> if this stands, I"m done with this game
[20:33:57] <Donny> yeah
[20:33:57] <Raging> fully
[20:33:59] <Donny> me too

good job pang

ericownsyou5 Game profile

Member
1262

Oct 30th 2013, 0:36:24

If you didn't delete laf, why delete RD? It's no secret you don't like us Pang. I see how 'fair' an admin is now :)

This may be my reason to finally quit this game for good.

Pride Game profile

Member
1590

Oct 30th 2013, 0:36:43

I know there are a lot of people in RD who were not involved. It sucks your leaders took your whole alliance down with them.

I agree with the actions the MODs took though.

Pontius Pirate

Member
EE Patron
1907

Oct 30th 2013, 0:36:43

bye bye to all the players who are ok with their alliance heads hacking other alliance sites

you wont be missed

MrTan1

Member
258

Oct 30th 2013, 0:37:11

Evo continually gets killed in wars, blames LaF yet again for the huge hlw/tc scandal then goes to the daddy figure RD and starts more trouble. pang, I dont care if you ban me for saying this but BCH coding is pure trash, it wouldnt take a hacker to break into BCH as the code that I saw looked like a copy/paste job from the internet. It was a security nightmare when I read your code. It is your own fault for saying you were going to release a new version over a year ago and never did it. I know we all have real lives but dude... You shouldn't have come out with a gamerstown rip off that had more holes than swiss cheese. You want to say we hacked the website? Go for it, any 8 year old could hack your poorly coded website.
iScode> thats ok mrford i know when im not welcome!! :(
* iScode cries

prank

Member
165

Oct 30th 2013, 0:37:24

It's funny that people are acting shocked.

Pontius Pirate

Member
EE Patron
1907

Oct 30th 2013, 0:38:32

pang's fault that RD hacked boxcar. got it.

mdevol Game profile

Member
3242

Oct 30th 2013, 0:38:39

This is fluffty.....to all those that were caught up in collateral damage

While you can be upset with the mods, ask serious questions to those responsible. Demand they tell the truth or get them gone.

Edited By: mdevol on Oct 30th 2013, 0:43:03
Surely what a man does when he is caught off his guard is the best evidence as to what sort of man he is. - C.S. Lewis

Mr. Copper

Member
112

Oct 30th 2013, 0:38:40

yep. This is pang as usual putting his personal feelings into this game. I have requested evidence from pang that I did ANYTHING at all and have nothing. Qz pointed me back at the post that has no evidence.

This is how it goes. Someone cheated? must be RD
Looks like hacking? Must be the guy that called me an idiot last time and warned me about it.

I'll be waiting on evidence.

Mr Jade

Member
50

Oct 30th 2013, 0:39:07

I'm fluffing done...

Mr Jade

Member
50

Oct 30th 2013, 0:39:57

Originally posted by prank:
It's funny that people are acting shocked.


Here we go with retards running on the assumption that everyone in RD knows what's going on.

Mr. Copper

Member
112

Oct 30th 2013, 0:40:13

This game will be fun with <400 people in it. Great call pang...

Raging Budda Game profile

Member
2139

Oct 30th 2013, 0:40:30

To you all non-RDers or non-allies of RD...this is very bad precedent being set here. I know of nothing that is alleged to have happened, but all I can say is that dozens of us have by default been accused of cheating. Given the amount of time several of us have spent in this game on just this set, that accusation is insulting and will lead me to forever quit this game if my deletion is upheld.

Ershow Game profile

Member
178

Oct 30th 2013, 0:40:42

Originally posted by Taveren:
Originally posted by Ershow:
Originally posted by Taveren:
RD's members have a right to be angry but their anger is misplaced. The admin's decision is a harsh one but questions as to how and why this occurred should be directed at the responsible parties named in the original post.


I disagree. I believe it is up to the admins to provide proof. 100% undeniable proof.


TIL IP addresses aren't proof.


IP addresses provided by a butt hurt Pang. Congratulations numbnuts. You win one internet. I don't trust Pang one bit. We all know he hates RD. Did anyone else sight the suspicious activity coming from these IPs?

Where is the proof that these IPs link to the accused???

Pang Game profile

Administrator
Game Development
5735

Oct 30th 2013, 0:41:42

This post is all you're getting. We're not going to take part in spin if you're going to act like TC. At least Hanlong owned up to it.

The cheating has been confirmed by multiple clans data on multiple services and 3 admins have looked at data and agree. Drop the charade & attitude...

This isn't political, this is just unfortunate.

Don't continue trying to spin this.

MrTan1

Member
258

Oct 30th 2013, 0:42:42

Originally posted by Mr. Copper:
This game will be fun with <400 people in it. Great call pang...


All explore rep-farmers will dominate! No land trading, dict is nerfed, and etc. Great call, evo, great call.

sky3litez Game profile

Member
124

Oct 30th 2013, 0:42:46

how does IP equal proof? if i was admin.i would just copy and paste all RD IPs and call it a day. please give me hard proofs

Syko_Killa Game profile

Member
5118

Oct 30th 2013, 0:43:19

I for one do not have one of those IP addresses, I believe SoF saves IP addresses from former players and can vouch if they would like that none of those belongs to me.

ericownsyou5 Game profile

Member
1262

Oct 30th 2013, 0:43:30

Originally posted by Pang:
This post is all you're getting. We're not going to take part in spin if you're going to act like TC. At least Hanlong owned up to it.

The cheating has been confirmed by multiple clans data on multiple services and 3 admins have looked at data and agree. Drop the charade & attitude...

This isn't political, this is just unfortunate.


Delete all of LaF for hanlong and I'll agree with this.

MrTan1

Member
258

Oct 30th 2013, 0:43:41

Originally posted by Pang:
This post is all you're getting. We're not going to take part in spin if you're going to act like TC. At least Hanlong owned up to it.

The cheating has been confirmed by multiple clans data on multiple services and 3 admins have looked at data and agree. Drop the charade & attitude...

This isn't political, this is just unfortunate.


With you the only one who ever posts too?

Mr. Copper

Member
112

Oct 30th 2013, 0:43:53

exactly pang. You have nothing at all. If the evidence was there you would have no issues posting it.

MrTan1

Member
258

Oct 30th 2013, 0:46:41

Originally posted by Mr. Copper:
exactly pang. You have nothing at all. If the evidence was there you would have no issues posting it.


He is just trying to be a fair GA and not spread such things over his own board system! What a fluffing joke.

Taveren Game profile

Member
610

Oct 30th 2013, 0:46:49

Originally posted by Mr. Copper:
yep. This is pang as usual putting his personal feelings into this game. I have requested evidence from pang that I did ANYTHING at all and have nothing. Qz pointed me back at the post that has no evidence.

This is how it goes. Someone cheated? must be RD
Looks like hacking? Must be the guy that called me an idiot last time and warned me about it.

I'll be waiting on evidence.


You're saying that you, or any member of RD, weren't involved in using several users' credentials to log in to LCN, MD, PDM and Rage boxcar sites from...

93.115.84.122
93.115.84.124

...and make copies of member lists including phone numbers and emails?

MrTan1

Member
258

Oct 30th 2013, 0:48:08

Romanian proxy, could have been Arsenal.